Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter. This issue exists in core/admin/ajax/developer/extensions/file-browser.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bigtreecms bigtree cms 4.2.19 |